WIRED: Researchers Create First Firmware Worm That Attacks MacsAugust 4, 2015
An attacker could first remotely compromise the boot flash firmware on a MacBook by delivering the attack code via a phishing email and malicious web site. That malware would then be on the lookout for any peripherals connected to the computer that contain option ROM, such as an Apple Thunderbolt Ethernet adapter, and infect the firmware on those. The worm would then spread to any other computer to which the adapter gets connected.
A firmware worm that completely hides itself from the system and can spread through peripherals like Ethernet Adapters is a pretty scary thought if you ask me.
Hopefully hardware vendors will remove those vulnerabilities as fast as possible.